diff options
Diffstat (limited to 'libjava/classpath/gnu/javax/crypto/pad')
| -rw-r--r-- | libjava/classpath/gnu/javax/crypto/pad/BasePad.java | 148 | ||||
| -rw-r--r-- | libjava/classpath/gnu/javax/crypto/pad/IPad.java | 63 | ||||
| -rw-r--r-- | libjava/classpath/gnu/javax/crypto/pad/ISO10126.java | 109 | ||||
| -rw-r--r-- | libjava/classpath/gnu/javax/crypto/pad/PKCS1_V1_5.java | 90 | ||||
| -rw-r--r-- | libjava/classpath/gnu/javax/crypto/pad/PKCS7.java | 174 | ||||
| -rw-r--r-- | libjava/classpath/gnu/javax/crypto/pad/PadFactory.java | 87 | ||||
| -rw-r--r-- | libjava/classpath/gnu/javax/crypto/pad/SSL3.java | 44 | ||||
| -rw-r--r-- | libjava/classpath/gnu/javax/crypto/pad/TBC.java | 104 | ||||
| -rw-r--r-- | libjava/classpath/gnu/javax/crypto/pad/TLS1.java | 52 | ||||
| -rw-r--r-- | libjava/classpath/gnu/javax/crypto/pad/WrongPaddingException.java | 21 |
10 files changed, 450 insertions, 442 deletions
diff --git a/libjava/classpath/gnu/javax/crypto/pad/BasePad.java b/libjava/classpath/gnu/javax/crypto/pad/BasePad.java index 49c5d050a85..8b475d2d8cb 100644 --- a/libjava/classpath/gnu/javax/crypto/pad/BasePad.java +++ b/libjava/classpath/gnu/javax/crypto/pad/BasePad.java @@ -38,24 +38,24 @@ exception statement from your version. */ package gnu.javax.crypto.pad; +import gnu.java.security.Configuration; + +import java.util.Map; +import java.util.logging.Level; +import java.util.logging.Logger; + /** - * <p>An abstract class to facilitate implementing padding algorithms.</p> + * An abstract class to facilitate implementing padding algorithms. */ -public abstract class BasePad implements IPad +public abstract class BasePad + implements IPad { - - // Constants and variables - // ------------------------------------------------------------------------- - + private static final Logger log = Logger.getLogger(BasePad.class.getName()); /** The canonical name prefix of the padding algorithm. */ protected String name; - /** The block size, in bytes, for this instance. */ protected int blockSize; - // Constructor(s) - // ------------------------------------------------------------------------- - /** Trivial constructor for use by concrete subclasses. */ protected BasePad(final String name) { @@ -65,84 +65,122 @@ public abstract class BasePad implements IPad blockSize = -1; } - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // IPad interface implementation ------------------------------------------- - public String name() { final StringBuffer sb = new StringBuffer(name); if (blockSize != -1) - { - sb.append('-').append(String.valueOf(8 * blockSize)); - } + sb.append('-').append(String.valueOf(8 * blockSize)); return sb.toString(); } public void init(final int bs) throws IllegalStateException { if (blockSize != -1) - { - throw new IllegalStateException(); - } + throw new IllegalStateException(); blockSize = bs; setup(); } + /** + * Initialises the algorithm with designated attributes. Names, valid and/or + * recognisable by all concrete implementations are described in {@link IPad} + * class documentation. Other algorithm-specific attributes MUST be documented + * in the implementation class of that padding algorithm. + * <p> + * For compatibility reasons, this method is not declared <i>abstract</i>. + * Furthermore, and unless overridden, the default implementation will throw + * an {@link UnsupportedOperationException}. Concrete padding algorithms MUST + * override this method if they wish to offer an initialisation method that + * allows for other than the padding block size parameter to be specified. + * + * @param attributes a set of name-value pairs that describes the desired + * future behaviour of this instance. + * @exception IllegalStateException if the instance is already initialised. + * @exception IllegalArgumentException if the block size value is invalid. + */ + public void init(Map attributes) throws IllegalStateException + { + throw new UnsupportedOperationException(); + } + public void reset() { blockSize = -1; } + /** + * A default implementation of a correctness test that exercises the padder + * implementation, using block sizes varying from 2 to 256 bytes. + * + * @return <code>true</code> if the concrete implementation correctly unpads + * what it pads for all tested block sizes. Returns <code>false</code> + * if the test fails for any block size. + */ public boolean selfTest() { + final byte[] in = new byte[1024]; + for (int bs = 2; bs < 256; bs++) + if (! test1BlockSize(bs, in)) + return false; + return true; + } + + /** + * The basic symmetric test for a padder given a specific block size. + * <p> + * The code ensures that the implementation is capable of unpadding what it + * pads. + * + * @param size the block size to test. + * @param buffer a work buffer. It is exposed as an argument for this method + * to reduce un-necessary object allocations. + * @return <code>true</code> if the test passes; <code>false</code> + * otherwise. + */ + protected boolean test1BlockSize(int size, byte[] buffer) + { byte[] padBytes; final int offset = 5; - final int limit = 1024; - final byte[] in = new byte[limit]; - for (int bs = 2; bs < 256; bs++) + final int limit = buffer.length; + this.init(size); + for (int i = 0; i < limit - offset - blockSize; i++) { - this.init(bs); - for (int i = 0; i < limit - offset - blockSize; i++) + padBytes = pad(buffer, offset, i); + if (((i + padBytes.length) % blockSize) != 0) { - padBytes = pad(in, offset, i); - if (((i + padBytes.length) % blockSize) != 0) - { - new RuntimeException(name()).printStackTrace(System.err); - return false; - } - - System.arraycopy(padBytes, 0, in, offset + i, padBytes.length); - try - { - if (padBytes.length != unpad(in, offset, i + padBytes.length)) - { - new RuntimeException(name()).printStackTrace(System.err); - return false; - } - } - catch (WrongPaddingException x) + if (Configuration.DEBUG) + log.log(Level.SEVERE, + "Length of padded text MUST be a multiple of " + + blockSize, new RuntimeException(name())); + return false; + } + System.arraycopy(padBytes, 0, buffer, offset + i, padBytes.length); + try + { + if (padBytes.length != unpad(buffer, offset, i + padBytes.length)) { - x.printStackTrace(System.err); + if (Configuration.DEBUG) + log.log(Level.SEVERE, + "IPad [" + name() + "] failed symmetric operation", + new RuntimeException(name())); return false; } } - this.reset(); + catch (WrongPaddingException x) + { + if (Configuration.DEBUG) + log.throwing(this.getClass().getName(), "test1BlockSize", x); + return false; + } } - + this.reset(); return true; } - // abstract methods to implement by subclasses ----------------------------- - /** - * <p>If any additional checks or resource setup must be done by the - * subclass, then this is the hook for it. This method will be called before - * the {@link #init(int)} method returns.</p> + * If any additional checks or resource setup must be done by the subclass, + * then this is the hook for it. This method will be called before the + * {@link #init(int)} method returns. */ public abstract void setup(); @@ -150,4 +188,4 @@ public abstract class BasePad implements IPad public abstract int unpad(byte[] in, int off, int len) throws WrongPaddingException; -}
\ No newline at end of file +} diff --git a/libjava/classpath/gnu/javax/crypto/pad/IPad.java b/libjava/classpath/gnu/javax/crypto/pad/IPad.java index 4b4c925e622..0e3db7db19e 100644 --- a/libjava/classpath/gnu/javax/crypto/pad/IPad.java +++ b/libjava/classpath/gnu/javax/crypto/pad/IPad.java @@ -38,29 +38,32 @@ exception statement from your version. */ package gnu.javax.crypto.pad; +import java.util.Map; + /** - * <p>The basic visible methods of any padding algorithm.</p> - * - * <p>Padding algorithms serve to <i>pad</i> and <i>unpad</i> byte arrays usually + * The basic visible methods, and attribute names, of every padding algorithm. + * <p> + * Padding algorithms serve to <i>pad</i> and <i>unpad</i> byte arrays usually * as the last step in an <i>encryption</i> or respectively a <i>decryption</i> * operation. Their input buffers are usually those processed by instances of - * {@link gnu.crypto.mode.IMode} and/or {@link gnu.crypto.cipher.IBlockCipher}.</p> + * {@link gnu.javax.crypto.mode.IMode} and/or + * {@link gnu.javax.crypto.cipher.IBlockCipher}. */ public interface IPad { - - // Constants - // ------------------------------------------------------------------------- - - // Methods - // ------------------------------------------------------------------------- + /** + * Property name of the block size in which to operate the padding algorithm. + * The value associated with this property name is taken to be a positive + * {@link Integer} greater than zero. + */ + String PADDING_BLOCK_SIZE = "gnu.crypto.pad.block.size"; /** @return the canonical name of this instance. */ String name(); /** * Initialises the padding scheme with a designated block size. - * + * * @param bs the designated block size. * @exception IllegalStateException if the instance is already initialised. * @exception IllegalArgumentException if the block size value is invalid. @@ -68,29 +71,43 @@ public interface IPad void init(int bs) throws IllegalStateException; /** + * Initialises the algorithm with designated attributes. Names, valid and/or + * recognisable by all concrete implementations are described in the class + * documentation above. Other algorithm-specific attributes MUST be documented + * in the implementation class of that padding algorithm. + * + * @param attributes a set of name-value pairs that describes the desired + * future behaviour of this instance. + * @exception IllegalStateException if the instance is already initialised. + * @exception IllegalArgumentException if the block size value is invalid. + */ + void init(Map attributes) throws IllegalStateException; + + /** * Returns the byte sequence that should be appended to the designated input. - * + * * @param in the input buffer containing the bytes to pad. * @param offset the starting index of meaningful data in <i>in</i>. * @param length the number of meaningful bytes in <i>in</i>. * @return the possibly 0-byte long sequence to be appended to the designated - * input. + * input. */ byte[] pad(byte[] in, int offset, int length); /** * Returns the number of bytes to discard from a designated input buffer. - * + * * @param in the input buffer containing the bytes to unpad. * @param offset the starting index of meaningful data in <i>in</i>. * @param length the number of meaningful bytes in <i>in</i>. * @return the number of bytes to discard, to the left of index position - * <tt>offset + length</tt> in <i>in</i>. In other words, if the return - * value of a successful invocation of this method is <tt>result</tt>, then - * the unpadded byte sequence will be <tt>offset + length - result</tt> bytes - * in <i>in</i>, starting from index position <tt>offset</tt>. + * <code>offset + length</code> in <i>in</i>. In other words, if + * the return value of a successful invocation of this method is + * <code>result</code>, then the unpadded byte sequence will be + * <code>offset + length - result</code> bytes in <i>in</i>, + * starting from index position <code>offset</code>. * @exception WrongPaddingException if the data is not terminated with the - * expected padding bytes. + * expected padding bytes. */ int unpad(byte[] in, int offset, int length) throws WrongPaddingException; @@ -102,9 +119,9 @@ public interface IPad /** * A basic symmetric pad/unpad test. - * - * @return <tt>true</tt> if the implementation passes a basic symmetric - * self-test. Returns <tt>false</tt> otherwise. + * + * @return <code>true</code> if the implementation passes a basic symmetric + * self-test. Returns <code>false</code> otherwise. */ boolean selfTest(); -}
\ No newline at end of file +} diff --git a/libjava/classpath/gnu/javax/crypto/pad/ISO10126.java b/libjava/classpath/gnu/javax/crypto/pad/ISO10126.java new file mode 100644 index 00000000000..8e8c59254fc --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/pad/ISO10126.java @@ -0,0 +1,109 @@ +/* ISO10126.java -- An implementation of the ISO 10126-2 padding scheme + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.pad; + +import gnu.java.security.Registry; +import gnu.java.security.util.PRNG; + +/** + * The implementation of the ISO 10126-2 padding algorithm. + * <p> + * The last byte of the padding block is the number of padding bytes, all other + * padding bytes are random. + * <p> + * References: + * <ol> + * <li><a href="http://www.w3.org/TR/xmlenc-core/">XML Encryption Syntax and + * Processing</a> Section "5.2 Block Encryption Algorithms"; "Padding".</li> + * </ol> + */ +public final class ISO10126 + extends BasePad +{ + /** Used to generate random numbers for padding bytes. */ + private PRNG prng; + + ISO10126() + { + super(Registry.ISO10126_PAD); + prng = PRNG.getInstance(); + } + + public void setup() + { + // Nothing to do here + } + + public byte[] pad(byte[] in, int offset, int length) + { + int padLength = blockSize - (length % blockSize); + final byte[] pad = new byte[padLength]; + + // generate random numbers for the padding bytes except for the last byte + prng.nextBytes(pad, 0, padLength - 1); + // the last byte contains the number of padding bytes + pad[padLength - 1] = (byte) padLength; + + return pad; + } + + public int unpad(byte[] in, int offset, int length) + throws WrongPaddingException + { + // the last byte contains the number of padding bytes + int padLength = in[offset + length - 1] & 0xFF; + if (padLength > length) + throw new WrongPaddingException(); + + return padLength; + } + + /** + * The default self-test in the super-class would take too long to finish + * with this type of padder --due to the large amount of random data needed. + * We override the default test and replace it with a simple one for a 16-byte + * block-size (default AES block-size). The Mauve test TestOfISO10126 will + * exercise all block-sizes that the default self-test uses for the other + * padders. + */ + public boolean selfTest() + { + return test1BlockSize(16, new byte[1024]); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/pad/PKCS1_V1_5.java b/libjava/classpath/gnu/javax/crypto/pad/PKCS1_V1_5.java index 03c3d61a303..9ddc6098949 100644 --- a/libjava/classpath/gnu/javax/crypto/pad/PKCS1_V1_5.java +++ b/libjava/classpath/gnu/javax/crypto/pad/PKCS1_V1_5.java @@ -38,73 +38,47 @@ exception statement from your version. */ package gnu.javax.crypto.pad; +import gnu.java.security.Configuration; import gnu.java.security.Registry; import gnu.java.security.sig.rsa.EME_PKCS1_V1_5; import gnu.java.security.util.PRNG; import gnu.java.security.util.Util; -import java.io.PrintWriter; +import java.util.logging.Level; +import java.util.logging.Logger; /** - * <p>A padding algorithm implementation of the EME-PKCS1-V1.5 encoding/decoding + * A padding algorithm implementation of the EME-PKCS1-V1.5 encoding/decoding * algorithm as described in section 7.2 of RFC-3447. This is effectively an * <i>Adapter</i> over an instance of {@link EME_PKCS1_V1_5} initialised with - * the RSA public shared modulus length (in bytes).</p> - * - * <p>References:</p> + * the RSA public shared modulus length (in bytes). + * <p> + * References: * <ol> - * <li><a href="http://www.ietf.org/rfc/rfc3447.txt">Public-Key Cryptography - * Standards (PKCS) #1:</a><br> - * RSA Cryptography Specifications Version 2.1.<br> - * Jakob Jonsson and Burt Kaliski.</li> + * <li><a href="http://www.ietf.org/rfc/rfc3447.txt">Public-Key Cryptography + * Standards (PKCS) #1:</a><br> + * RSA Cryptography Specifications Version 2.1.<br> + * Jakob Jonsson and Burt Kaliski.</li> * </ol> - * + * * @see EME_PKCS1_V1_5 */ -public class PKCS1_V1_5 extends BasePad +public class PKCS1_V1_5 + extends BasePad { - - // Debugging methods and variables - // ------------------------------------------------------------------------- - - private static final String NAME = Registry.EME_PKCS1_V1_5_PAD; - - private static final boolean DEBUG = false; - - private static final int debuglevel = 9; - - private static final PrintWriter err = new PrintWriter(System.out, true); - - private static void debug(final String s) - { - err.println(">>> " + NAME + ": " + s); - } - - // Constants and variables - // ------------------------------------------------------------------------- - + private static final Logger log = Logger.getLogger(PKCS1_V1_5.class.getName()); private EME_PKCS1_V1_5 codec; - // Constructor(s) - // ------------------------------------------------------------------------- - /** - * <p>Trivial package-private constructor for use by the <i>Factory</i> class. - * </p> + * Trivial package-private constructor for use by the <i>Factory</i> class. * - * @see gnu.crypto.pad.PadFactory + * @see PadFactory */ PKCS1_V1_5() { super(Registry.EME_PKCS1_V1_5_PAD); } - // Class methods - // ------------------------------------------------------------------------- - - // Implementation of abstract methods in BasePad - // ------------------------------------------------------------------------- - public void setup() { codec = EME_PKCS1_V1_5.getInstance(blockSize); @@ -117,10 +91,8 @@ public class PKCS1_V1_5 extends BasePad final byte[] EM = codec.encode(M); final byte[] result = new byte[blockSize - length]; System.arraycopy(EM, 0, result, 0, result.length); - if (DEBUG && debuglevel > 8) - { - debug("padding: 0x" + Util.toString(result)); - } + if (Configuration.DEBUG) + log.fine("padding: 0x" + Util.toString(result)); return result; } @@ -130,15 +102,11 @@ public class PKCS1_V1_5 extends BasePad final byte[] EM = new byte[length]; System.arraycopy(in, offset, EM, 0, length); final int result = length - codec.decode(EM).length; - if (DEBUG && debuglevel > 8) - { - debug("padding length: " + String.valueOf(result)); - } + if (Configuration.DEBUG) + log.fine("padding length: " + String.valueOf(result)); return result; } - // overloaded methods ------------------------------------------------------ - public boolean selfTest() { final int[] mLen = new int[] { 16, 20, 32, 48, 64 }; @@ -156,29 +124,33 @@ public class PKCS1_V1_5 extends BasePad p = pad(M, 0, j); if (j + p.length != blockSize) { - new RuntimeException(name()).printStackTrace(System.err); + if (Configuration.DEBUG) + log.log(Level.SEVERE, + "Length of padded text MUST be a multiple of " + + blockSize, new RuntimeException(name())); return false; } - System.arraycopy(p, 0, EM, 0, p.length); System.arraycopy(M, 0, EM, p.length, j); try { if (p.length != unpad(EM, 0, blockSize)) { - new RuntimeException(name()).printStackTrace(System.err); + if (Configuration.DEBUG) + log.log(Level.SEVERE, "Failed symmetric operation", + new RuntimeException(name())); return false; } } catch (WrongPaddingException x) { - x.printStackTrace(System.err); + if (Configuration.DEBUG) + log.throwing(this.getClass().getName(), "selfTest", x); return false; } } reset(); } - return true; } -}
\ No newline at end of file +} diff --git a/libjava/classpath/gnu/javax/crypto/pad/PKCS7.java b/libjava/classpath/gnu/javax/crypto/pad/PKCS7.java index 5697aff2712..bef1784eeb3 100644 --- a/libjava/classpath/gnu/javax/crypto/pad/PKCS7.java +++ b/libjava/classpath/gnu/javax/crypto/pad/PKCS7.java @@ -1,129 +1,98 @@ /* PKCS7.java -- - Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. - -This file is a part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2 of the License, or (at -your option) any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; if not, write to the Free Software -Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 -USA - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + + This file is a part of GNU Classpath. + + GNU Classpath is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or (at + your option) any later version. + + GNU Classpath is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with GNU Classpath; if not, write to the Free Software + Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 + USA + + Linking this library statically or dynamically with other modules is + making a combined work based on this library. Thus, the terms and + conditions of the GNU General Public License cover the whole + combination. + + As a special exception, the copyright holders of this library give you + permission to link this library with independent modules to produce an + executable, regardless of the license terms of these independent + modules, and to copy and distribute the resulting executable under + terms of your choice, provided that you also meet, for each linked + independent module, the terms and conditions of the license of that + module. An independent module is a module which is not derived from + or based on this library. If you modify this library, you may extend + this exception to your version of the library, but you are not + obligated to do so. If you do not wish to do so, delete this + exception statement from your version. */ package gnu.javax.crypto.pad; +import gnu.java.security.Configuration; import gnu.java.security.Registry; import gnu.java.security.util.Util; -import java.io.PrintWriter; +import java.util.logging.Logger; /** - * <p>The implementation of the PKCS7 padding algorithm.</p> - * - * <p>This algorithm is described for 8-byte blocks in [RFC-1423] and extended to - * block sizes of up to 256 bytes in [PKCS-7].</p> - * - * References:<br> - * <a href="http://www.ietf.org/rfc/rfc1423.txt">RFC-1423</a>: Privacy + * The implementation of the PKCS7 padding algorithm. + * <p> + * This algorithm is described for 8-byte blocks in [RFC-1423] and extended to + * block sizes of up to 256 bytes in [PKCS-7]. + * <p> + * References: + * <ol> + * <li><a href="http://www.ietf.org/rfc/rfc1423.txt">RFC-1423</a>: Privacy * Enhancement for Internet Electronic Mail: Part III: Algorithms, Modes, and - * Identifiers.<br> - * <a href="http://www.ietf.org/">IETF</a>. - * <a href="http://www.rsasecurity.com/rsalabs/pkcs/pkcs-7/">[PKCS-7]</a>PKCS #7: - * Cryptographic Message Syntax Standard - An RSA Laboratories Technical Note.<br> - * <a href="http://www.rsasecurity.com/">RSA Security</a>.<p> + * Identifiers.</li> + * <li><a href="http://www.ietf.org/">IETF</a>.</li> + * <li><a href="http://www.rsasecurity.com/rsalabs/pkcs/pkcs-7/">[PKCS-7]</a> + * PKCS #7: Cryptographic Message Syntax Standard - An RSA Laboratories + * Technical Note.</li> + * <li><a href="http://www.rsasecurity.com/">RSA Security</a>.</li> + * </ol> */ -public final class PKCS7 extends BasePad +public final class PKCS7 + extends BasePad { - - // Debugging methods and variables - // ------------------------------------------------------------------------- - - private static final String NAME = "pkcs7"; - - private static final boolean DEBUG = false; - - private static final int debuglevel = 9; - - private static final PrintWriter err = new PrintWriter(System.out, true); - - private static void debug(String s) - { - err.println(">>> " + NAME + ": " + s); - } - - // Constants and variables - // ------------------------------------------------------------------------- - - // Constructor(s) - // ------------------------------------------------------------------------- + private static final Logger log = Logger.getLogger(PKCS7.class.getName()); /** - * Trivial package-private constructor for use by the <i>Factory</i> class.<p> - * - * @see gnu.crypto.pad.PadFactory + * Trivial package-private constructor for use by the <i>Factory</i> class. + * + * @see PadFactory */ PKCS7() { super(Registry.PKCS7_PAD); } - // Class methods - // ------------------------------------------------------------------------- - - // Implementation of abstract methods in BasePad - // ------------------------------------------------------------------------- - public void setup() { if (blockSize < 2 || blockSize > 256) - { - throw new IllegalArgumentException(); - } + throw new IllegalArgumentException(); } public byte[] pad(byte[] in, int offset, int length) { int padLength = blockSize; if (length % blockSize != 0) - { - padLength = blockSize - length % blockSize; - } + padLength = blockSize - length % blockSize; byte[] result = new byte[padLength]; for (int i = 0; i < padLength;) - { - result[i++] = (byte) padLength; - } - - if (DEBUG && debuglevel > 8) - { - debug("padding: 0x" + Util.toString(result)); - } + result[i++] = (byte) padLength; + if (Configuration.DEBUG) + log.fine("padding: 0x" + Util.toString(result)); return result; } @@ -133,17 +102,10 @@ public final class PKCS7 extends BasePad int limit = offset + length; int result = in[limit - 1] & 0xFF; for (int i = 0; i < result; i++) - { - if (result != (in[--limit] & 0xFF)) - { - throw new WrongPaddingException(); - } - } - - if (DEBUG && debuglevel > 8) - { - debug("padding length: " + String.valueOf(result)); - } + if (result != (in[--limit] & 0xFF)) + throw new WrongPaddingException(); + if (Configuration.DEBUG) + log.fine("padding length: " + result); return result; } -}
\ No newline at end of file +} diff --git a/libjava/classpath/gnu/javax/crypto/pad/PadFactory.java b/libjava/classpath/gnu/javax/crypto/pad/PadFactory.java index 913d69dcbaf..eaa78112e09 100644 --- a/libjava/classpath/gnu/javax/crypto/pad/PadFactory.java +++ b/libjava/classpath/gnu/javax/crypto/pad/PadFactory.java @@ -45,16 +45,13 @@ import java.util.HashSet; import java.util.Set; /** - * <p>A Factory to instantiate padding schemes.</p> + * A Factory to instantiate padding schemes. */ -public class PadFactory implements Registry +public class PadFactory + implements Registry { - - // Constants and variables - // ------------------------------------------------------------------------- - - // Constructor(s) - // ------------------------------------------------------------------------- + /** Collection of padding algorithm names --cached for speed. */ + private static Set names; /** Trivial constructor to enforce Singleton pattern. */ private PadFactory() @@ -62,76 +59,62 @@ public class PadFactory implements Registry super(); } - // Class methods - // ------------------------------------------------------------------------- - /** - * <p>Returns an instance of a padding algorithm given its name.</p> - * + * Returns an instance of a padding algorithm given its name. + * * @param pad the case-insensitive name of the padding algorithm. - * @return an instance of the padding algorithm, operating with a given - * block size, or <code>null</code> if none found. + * @return an instance of the padding algorithm, operating with a given block + * size, or <code>null</code> if none found. * @throws InternalError if the implementation does not pass its self-test. */ public static final IPad getInstance(String pad) { if (pad == null) - { - return null; - } + return null; pad = pad.trim().toLowerCase(); if (pad.endsWith("padding")) pad = pad.substring(0, pad.length() - "padding".length()); IPad result = null; if (pad.equals(PKCS7_PAD) || pad.equals(PKCS5_PAD)) - { - result = new PKCS7(); - } + result = new PKCS7(); else if (pad.equals(TBC_PAD)) - { - result = new TBC(); - } + result = new TBC(); else if (pad.equals(EME_PKCS1_V1_5_PAD)) - { - result = new PKCS1_V1_5(); - } + result = new PKCS1_V1_5(); else if (pad.equals(SSL3_PAD)) - { - result = new SSL3(); - } + result = new SSL3(); else if (pad.equals(TLS1_PAD)) - { - result = new TLS1(); - } + result = new TLS1(); + else if (pad.equals(ISO10126_PAD)) + result = new ISO10126(); - if (result != null && !result.selfTest()) - { - throw new InternalError(result.name()); - } + if (result != null && ! result.selfTest()) + throw new InternalError(result.name()); return result; } /** - * <p>Returns a {@link java.util.Set} of names of padding algorithms - * supported by this <i>Factory</i>.</p> - * + * Returns a {@link Set} of names of padding algorithms supported by this + * <i>Factory</i>. + * * @return a {@link Set} of padding algorithm names (Strings). */ public static final Set getNames() { - HashSet hs = new HashSet(); - hs.add(PKCS5_PAD); - hs.add(PKCS7_PAD); - hs.add(TBC_PAD); - hs.add(EME_PKCS1_V1_5_PAD); - hs.add(SSL3_PAD); - hs.add(TLS1_PAD); - - return Collections.unmodifiableSet(hs); + if (names == null) + { + HashSet hs = new HashSet(); + hs.add(PKCS5_PAD); + hs.add(PKCS7_PAD); + hs.add(TBC_PAD); + hs.add(EME_PKCS1_V1_5_PAD); + hs.add(SSL3_PAD); + hs.add(TLS1_PAD); + hs.add(ISO10126_PAD); + names = Collections.unmodifiableSet(hs); + } + return names; } - - // Instance methods - // ------------------------------------------------------------------------- } diff --git a/libjava/classpath/gnu/javax/crypto/pad/SSL3.java b/libjava/classpath/gnu/javax/crypto/pad/SSL3.java index 25aeefa13d0..78964d6193a 100644 --- a/libjava/classpath/gnu/javax/crypto/pad/SSL3.java +++ b/libjava/classpath/gnu/javax/crypto/pad/SSL3.java @@ -39,39 +39,31 @@ exception statement from your version. */ package gnu.javax.crypto.pad; /** - * The padding scheme used by the Secure Sockets Layer, version 3. This - * padding scheme is used in the block-ciphered struct, e.g.: - * + * The padding scheme used by the Secure Sockets Layer, version 3. This padding + * scheme is used in the block-ciphered struct, e.g.: * <pre> - * block-ciphered struct { - * opaque content[SSLCompressed.length]; - * opaque MAC[CipherSpec.hash_size]; - * uint8 padding[GenericBlockCipher.padding_length]; - * uint8 padding_length; - * } GenericBlockCipher; + * block-ciphered struct { + * opaque content[SSLCompressed.length]; + * opaque MAC[CipherSpec.hash_size]; + * uint8 padding[GenericBlockCipher.padding_length]; + * uint8 padding_length; + * } GenericBlockCipher; * </pre> - * - * <p>Where <i>padding_length</i> is <i>cipher_block_size</i> - - * ((<i>SSLCompressed.length</i> + <i>CipherSpec.hash_size</i>) - * % <i>cipher_block_size</i>) - 1. That is, the padding is enough bytes - * to make the plaintext a multiple of the block size minus one, plus one - * additional byte for the padding length. The padding can be any arbitrary - * data.</p> + * <p> + * Where <i>padding_length</i> is <i>cipher_block_size</i> - + * ((<i>SSLCompressed.length</i> + <i>CipherSpec.hash_size</i>) % + * <i>cipher_block_size</i>) - 1. That is, the padding is enough bytes to make + * the plaintext a multiple of the block size minus one, plus one additional + * byte for the padding length. The padding can be any arbitrary data. */ -public class SSL3 extends BasePad +public class SSL3 + extends BasePad { - - // Constructors. - // ------------------------------------------------------------------------- - public SSL3() { super("ssl3"); } - // Instance methods. - // ------------------------------------------------------------------------- - public void setup() { if (blockSize <= 0 || blockSize > 255) @@ -83,7 +75,7 @@ public class SSL3 extends BasePad int padlen = blockSize - (len % blockSize); byte[] pad = new byte[padlen]; for (int i = 0; i < padlen; i++) - pad[i] = (byte) (padlen - 1); + pad[i] = (byte)(padlen - 1); return pad; } @@ -95,4 +87,4 @@ public class SSL3 extends BasePad throw new WrongPaddingException(); return padlen + 1; } -}
\ No newline at end of file +} diff --git a/libjava/classpath/gnu/javax/crypto/pad/TBC.java b/libjava/classpath/gnu/javax/crypto/pad/TBC.java index 25c3e4286bc..e5ff4b5dcb6 100644 --- a/libjava/classpath/gnu/javax/crypto/pad/TBC.java +++ b/libjava/classpath/gnu/javax/crypto/pad/TBC.java @@ -38,95 +38,63 @@ exception statement from your version. */ package gnu.javax.crypto.pad; +import gnu.java.security.Configuration; import gnu.java.security.Registry; import gnu.java.security.util.Util; -import java.io.PrintWriter; +import java.util.logging.Logger; /** - * <p>The implementation of the Trailing Bit Complement (TBC) padding algorithm.</p> - * - * <p>In this mode, "...the data string is padded at the trailing end with the + * The implementation of the Trailing Bit Complement (TBC) padding algorithm. + * <p> + * In this mode, "...the data string is padded at the trailing end with the * complement of the trailing bit of the unpadded message: if the trailing bit - * is <tt>1</tt>, then <tt>0</tt> bits are appended, and if the trailing bit is - * <tt>0</tt>, then <tt>1</tt> bits are appended. As few bits are added as are - * necessary to meet the formatting size requirement."</p> - * - * References:<br> - * <a href="http://csrc.nist.gov/encryption/modes/Recommendation/Modes01.pdf"> - * Recommendation for Block Cipher Modes of Operation Methods and Techniques</a>, - * Morris Dworkin.<p> + * is <tt>1</tt>, then <tt>0</tt> bits are appended, and if the trailing + * bit is <tt>0</tt>, then <tt>1</tt> bits are appended. As few bits are + * added as are necessary to meet the formatting size requirement." + * <p> + * References: + * <ol> + * <li><a + * href="http://csrc.nist.gov/encryption/modes/Recommendation/Modes01.pdf"> + * Recommendation for Block Cipher Modes of Operation Methods and + * Techniques</a>, Morris Dworkin.</li> + * </ol> */ -public final class TBC extends BasePad +public final class TBC + extends BasePad { - - // Debugging methods and variables - // ------------------------------------------------------------------------- - - private static final String NAME = "tbc"; - - private static final boolean DEBUG = false; - - private static final int debuglevel = 9; - - private static final PrintWriter err = new PrintWriter(System.out, true); - - private static void debug(String s) - { - err.println(">>> " + NAME + ": " + s); - } - - // Constants and variables - // ------------------------------------------------------------------------- - - // Constructor(s) - // ------------------------------------------------------------------------- + private static final Logger log = Logger.getLogger(TBC.class.getName()); /** - * Trivial package-private constructor for use by the <i>Factory</i> class.<p> - * - * @see gnu.crypto.pad.PadFactory + * Trivial package-private constructor for use by the <i>Factory</i> class. + * + * @see PadFactory */ TBC() { super(Registry.TBC_PAD); } - // Class methods - // ------------------------------------------------------------------------- - - // Implementation of abstract methods in BasePad - // ------------------------------------------------------------------------- - public void setup() { if (blockSize < 1 || blockSize > 256) - { - throw new IllegalArgumentException(); - } + throw new IllegalArgumentException(); } public byte[] pad(byte[] in, int offset, int length) { int padLength = blockSize; if (length % blockSize != 0) - { - padLength = blockSize - length % blockSize; - } + padLength = blockSize - length % blockSize; byte[] result = new byte[padLength]; int lastBit = in[offset + length - 1] & 0x01; if (lastBit == 0) - { - for (int i = 0; i < padLength;) - { - result[i++] = 0x01; - } - } // else it's already set to zeroes by virtue of initialisation - - if (DEBUG && debuglevel > 8) - { - debug("padding: 0x" + Util.toString(result)); - } + for (int i = 0; i < padLength;) + result[i++] = 0x01; + // else it's already set to zeroes by virtue of initialisation + if (Configuration.DEBUG) + log.fine("padding: 0x" + Util.toString(result)); return result; } @@ -141,16 +109,10 @@ public final class TBC extends BasePad result++; limit--; } - if (result > length) - { - throw new WrongPaddingException(); - } - - if (DEBUG && debuglevel > 8) - { - debug("padding length: " + String.valueOf(result)); - } + throw new WrongPaddingException(); + if (Configuration.DEBUG) + log.fine("padding length: " + result); return result; } -}
\ No newline at end of file +} diff --git a/libjava/classpath/gnu/javax/crypto/pad/TLS1.java b/libjava/classpath/gnu/javax/crypto/pad/TLS1.java index 00a538f882a..1d690dd599c 100644 --- a/libjava/classpath/gnu/javax/crypto/pad/TLS1.java +++ b/libjava/classpath/gnu/javax/crypto/pad/TLS1.java @@ -38,42 +38,32 @@ exception statement from your version. */ package gnu.javax.crypto.pad; -import gnu.java.security.util.Util; - /** - * The padding scheme used by the Transport Layer Security protocol, - * version 1. This padding scheme is used in the block-ciphered struct, - * e.g.: - * + * The padding scheme used by the Transport Layer Security protocol, version 1. + * This padding scheme is used in the block-ciphered struct, e.g.: * <pre> - * block-ciphered struct { - * opaque content[TLSCompressed.length]; - * opaque MAC[CipherSpec.hash_size]; - * uint8 padding[GenericBlockCipher.padding_length]; - * uint8 padding_length; - * } GenericBlockCipher; + * block-ciphered struct { + * opaque content[TLSCompressed.length]; + * opaque MAC[CipherSpec.hash_size]; + * uint8 padding[GenericBlockCipher.padding_length]; + * uint8 padding_length; + * } GenericBlockCipher; * </pre> - * - * <p>Where <i>padding_length</i> is any multiple of <i>cipher_block_size</i> - - * ((<i>SSLCompressed.length</i> + <i>CipherSpec.hash_size</i>) - * % <i>cipher_block_size</i>) - 1 that is less than 255. Every byte of the + * <p> + * Where <i>padding_length</i> is any multiple of <i>cipher_block_size</i> - + * ((<i>SSLCompressed.length</i> + <i>CipherSpec.hash_size</i>) % + * <i>cipher_block_size</i>) - 1 that is less than 255. Every byte of the * padding must be equal to <i>padding_length</i>. That is, the end of the - * plaintext is <i>n</i> + 1 copies of the unsigned byte <i>n</i>.</p> + * plaintext is <i>n</i> + 1 copies of the unsigned byte <i>n</i>. */ -public class TLS1 extends BasePad +public class TLS1 + extends BasePad { - - // Constructors. - // ------------------------------------------------------------------------- - public TLS1() { super("tls1"); } - // Instance methods. - // ------------------------------------------------------------------------- - public void setup() { if (blockSize <= 0 || blockSize > 255) @@ -85,9 +75,7 @@ public class TLS1 extends BasePad int padlen = blockSize - (len % blockSize); byte[] pad = new byte[padlen]; for (int i = 0; i < padlen; i++) - { - pad[i] = (byte) (padlen - 1); - } + pad[i] = (byte)(padlen - 1); return pad; } @@ -96,10 +84,8 @@ public class TLS1 extends BasePad { int padlen = in[off + len - 1] & 0xFF; for (int i = off + (len - padlen - 1); i < off + len - 1; i++) - { - if ((in[i] & 0xFF) != padlen) - throw new WrongPaddingException(); - } + if ((in[i] & 0xFF) != padlen) + throw new WrongPaddingException(); return padlen + 1; } -}
\ No newline at end of file +} diff --git a/libjava/classpath/gnu/javax/crypto/pad/WrongPaddingException.java b/libjava/classpath/gnu/javax/crypto/pad/WrongPaddingException.java index e477cf303c7..090d021ebfd 100644 --- a/libjava/classpath/gnu/javax/crypto/pad/WrongPaddingException.java +++ b/libjava/classpath/gnu/javax/crypto/pad/WrongPaddingException.java @@ -39,23 +39,10 @@ exception statement from your version. */ package gnu.javax.crypto.pad; /** - * <p>A checked exception that indicates that a padding algorithm did not find the - * expected padding bytes when unpadding some data.</p> + * A checked exception that indicates that a padding algorithm did not find the + * expected padding bytes when unpadding some data. */ -public class WrongPaddingException extends Exception +public class WrongPaddingException + extends Exception { - - // Constants and variables - // ------------------------------------------------------------------------- - - // Constructor(s) - // ------------------------------------------------------------------------- - - // implicit 0-arguments constructor - - // Class methods - // ------------------------------------------------------------------------- - - // Instant methods - // ------------------------------------------------------------------------- } |
